Details of VAR-201910-0902

ID

VAR-201910-0902

CVE

CVE-2019-2215

TITLE

Android Uses freed memory vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-010672

DESCRIPTION

A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095. Android Contains a vulnerability in the use of freed memory. This vulnerability Android ID: A-141720095 It is published asInformation is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01) New kernel packages are available for Slackware 14.2 to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/linux-4.4.199/*: Upgraded. These updates fix various bugs and security issues. Be sure to upgrade your initrd after upgrading the kernel packages. If you use lilo to boot your machine, be sure lilo.conf points to the correct kernel and initrd and run lilo as root to update the bootloader. If you use elilo to boot your machine, you should run eliloconfig to copy the kernel and initrd to the EFI System Partition. For more information, see: Fixed in 4.4.191: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3900 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15118 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10906 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10905 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10638 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15117 Fixed in 4.4.193: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14835 Fixed in 4.4.194: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14816 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14814 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15505 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14821 Fixed in 4.4.195: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17053 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17052 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17056 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17055 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17054 Fixed in 4.4.196: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2215 Fixed in 4.4.197: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16746 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20976 Fixed in 4.4.198: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17075 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17133 Fixed in 4.4.199: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15098 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated packages for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-generic-4.4.199-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-generic-smp-4.4.199_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-headers-4.4.199_smp-x86-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-huge-4.4.199-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-huge-smp-4.4.199_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-modules-4.4.199-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-modules-smp-4.4.199_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-source-4.4.199_smp-noarch-1.txz Updated packages for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-generic-4.4.199-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-headers-4.4.199-x86-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-huge-4.4.199-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-modules-4.4.199-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-source-4.4.199-noarch-1.txz MD5 signatures: +-------------+ Slackware 14.2 packages: 0e523f42e759ecc2399f36e37672f110 kernel-generic-4.4.199-i586-1.txz ee6451f5362008b46fee2e08e3077b21 kernel-generic-smp-4.4.199_smp-i686-1.txz a8338ef88f2e3ea9c74d564c36ccd420 kernel-headers-4.4.199_smp-x86-1.txz cd9e9c241e4eec2fba1dae658a28870e kernel-huge-4.4.199-i586-1.txz 842030890a424023817d42a83a86a7f4 kernel-huge-smp-4.4.199_smp-i686-1.txz 257db024bb4501548ac9118dbd2d9ae6 kernel-modules-4.4.199-i586-1.txz 96377cbaf7bca55aaca70358c63151a7 kernel-modules-smp-4.4.199_smp-i686-1.txz 0673e86466f9e624964d95107cf6712f kernel-source-4.4.199_smp-noarch-1.txz Slackware x86_64 14.2 packages: 6d1ff428e7cad6caa8860acc402447a1 kernel-generic-4.4.199-x86_64-1.txz dadc091dc725b8227e0d1e35098d6416 kernel-headers-4.4.199-x86-1.txz f5f4c034203f44dd1513ad3504c42515 kernel-huge-4.4.199-x86_64-1.txz a5337cd8b2ca80d4d93b9e9688e42b03 kernel-modules-4.4.199-x86_64-1.txz 5dd6e46c04f37b97062dc9e52cc38add kernel-source-4.4.199-noarch-1.txz Installation instructions: +------------------------+ Upgrade the packages as root: # upgradepkg kernel-*.txz If you are using an initrd, you'll need to rebuild it. For a 32-bit SMP machine, use this command (substitute the appropriate kernel version if you are not running Slackware 14.2): # /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.199-smp | bash For a 64-bit machine, or a 32-bit uniprocessor machine, use this command (substitute the appropriate kernel version if you are not running Slackware 14.2): # /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.199 | bash Please note that "uniprocessor" has to do with the kernel you are running, not with the CPU. Most systems should run the SMP kernel (if they can) regardless of the number of cores the CPU has. If you aren't sure which kernel you are running, run "uname -a". If you see SMP there, you are running the SMP kernel and should use the 4.4.199-smp version when running mkinitrd_command_generator. Note that this is only for 32-bit -- 64-bit systems should always use 4.4.199 as the version. If you are using lilo or elilo to boot the machine, you'll need to ensure that the machine is properly prepared before rebooting. If using LILO: By default, lilo.conf contains an image= line that references a symlink that always points to the correct kernel. No editing should be required unless your machine uses a custom lilo.conf. If that is the case, be sure that the image= line references the correct kernel file. Either way, you'll need to run "lilo" as root to reinstall the boot loader. If using elilo: Ensure that the /boot/vmlinuz symlink is pointing to the kernel you wish to use, and then run eliloconfig to update the EFI System Partition. +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. | +------------------------------------------------------------------------+ -----BEGIN PGP SIGNATURE----- iEYEARECAAYFAl3Ej4wACgkQakRjwEAQIjPBGgCbBvQSowDI1fl2+9FnjAuXifIV qp4AoIBHeQ0arALUOqrVAfv+sZvRsiwu =/1NF -----END PGP SIGNATURE----- . ========================================================================== Ubuntu Security Notice USN-4186-3 November 13, 2019 linux vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS Summary: Several security issues were fixed in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 (i915 missing Blitter Command Streamer check) was incomplete on 64-bit Intel x86 systems. This update addresses the issue. We apologize for the inconvenience. Original advisory details: Stephan van Schaik, Alyssa Milburn, Sebastian \xd6sterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in microarchitectural buffers to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2019-11135) It was discovered that the Intel i915 graphics chipsets allowed userspace to modify page table entries via writes to MMIO from the Blitter Command Streamer and expose kernel memory information. A local attacker could use this to expose sensitive information or possibly elevate privileges. (CVE-2019-0155) Deepak Gupta discovered that on certain Intel processors, the Linux kernel did not properly perform invalidation on page table updates by virtual guest operating systems. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2018-12207) It was discovered that the Intel i915 graphics chipsets could cause a system hang when userspace performed a read from GT memory mapped input output (MMIO) when the product is in certain low power states. A local attacker could use this to cause a denial of service. (CVE-2019-0154) Hui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver for the Linux kernel did not properly validate endpoint descriptors returned by the device. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15098) It was discovered that a buffer overflow existed in the 802.11 Wi-Fi configuration interface for the Linux kernel when handling beacon settings. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-16746) Ori Nimron discovered that the AX25 network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17052) Ori Nimron discovered that the IEEE 802.15.4 Low-Rate Wireless network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17053) Ori Nimron discovered that the Appletalk network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17054) Ori Nimron discovered that the modular ISDN network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17055) Ori Nimron discovered that the Near field Communication (NFC) network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17056) Nico Waisman discovered that a buffer overflow existed in the Realtek Wi-Fi driver for the Linux kernel when handling Notice of Absence frames. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-17666) Maddie Stone discovered that the Binder IPC Driver implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-2215) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: linux-image-4.4.0-169-generic 4.4.0-169.198 linux-image-4.4.0-169-generic-lpae 4.4.0-169.198 linux-image-4.4.0-169-lowlatency 4.4.0-169.198 linux-image-generic 4.4.0.169.177 linux-image-generic-lpae 4.4.0.169.177 linux-image-lowlatency 4.4.0.169.177 linux-image-virtual 4.4.0.169.177 Please note that mitigating the TSX (CVE-2019-11135) and i915 (CVE-2019-0154) issues requires corresponding microcode and graphics firmware updates respectively. After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://usn.ubuntu.com/4186-3 https://usn.ubuntu.com/4186-1 CVE-2019-0155, https://bugs.launchpad.net/bugs/1852141 Package Information: https://launchpad.net/ubuntu/+source/linux/4.4.0-169.198

Trust: 1.98

sources: NVD: CVE-2019-2215 // JVNDB: JVNDB-2019-010672 // VULMON: CVE-2019-2215 // PACKETSTORM: 155309 // PACKETSTORM: 155212 // PACKETSTORM: 155335

AFFECTED PRODUCTS

vendor:	huawei	model:	yale-l21a	scope:	lt	version:	10.1.0.231\(c10e3r3p2\)	Trust: 1.0
vendor:	huawei	model:	ares-tl00chw	scope:	lt	version:	8.2.0.163\(c01r2p1\)	Trust: 1.0
vendor:	netapp	model:	a800	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	p20 lite	scope:	lt	version:	9.1.0.246\(c432e6r1p7t8\)	Trust: 1.0
vendor:	huawei	model:	dura-al00a	scope:	lt	version:	1.0.0.190\(c00\)	Trust: 1.0
vendor:	huawei	model:	barca-al00	scope:	lt	version:	8.0.0.377\(c00\)	Trust: 1.0
vendor:	huawei	model:	florida-l21	scope:	lt	version:	9.1.0.154\(c605e7r1p2t8\)	Trust: 1.0
vendor:	netapp	model:	c190	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	berkeley-tl10	scope:	lt	version:	9.1.0.333\(c01e333r1p1t8\)	Trust: 1.0
vendor:	huawei	model:	columbia-l29d	scope:	lt	version:	9.1.0.325\(c432e4r1p12t8\)	Trust: 1.0
vendor:	huawei	model:	bla-l29c	scope:	lt	version:	9.1.0.300\(c432e4r1p11t8\)	Trust: 1.0
vendor:	huawei	model:	leland-tl10b	scope:	lt	version:	9.1.0.130\(c01e112r2p10t8\)	Trust: 1.0
vendor:	huawei	model:	nova 2s	scope:	lt	version:	9.1.0.210\(c01e110r1p9t8\)	Trust: 1.0
vendor:	huawei	model:	stanford-l09s	scope:	lt	version:	9.1.0.210\(c432e2r1p5t8\)	Trust: 1.0
vendor:	huawei	model:	duke-l09i	scope:	lt	version:	9.0.1.171\(c675e6r1p5t8\)	Trust: 1.0
vendor:	huawei	model:	rhone-al00	scope:	lt	version:	8.0.0.376\(c00\)	Trust: 1.0
vendor:	google	model:	android	scope:	eq	version:	-	Trust: 1.0
vendor:	netapp	model:	h610s	scope:	eq	version:	-	Trust: 1.0
vendor:	netapp	model:	service processor	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	berkeley-l09	scope:	lt	version:	9.1.0.351\(c432e5r1p13t8\)	Trust: 1.0
vendor:	huawei	model:	princeton-al10b	scope:	lt	version:	10.1.0.160\(c00e160r2p11\)	Trust: 1.0
vendor:	huawei	model:	yale-al00a	scope:	lt	version:	10.1.0.160\(c00e160r8p12\)	Trust: 1.0
vendor:	huawei	model:	alp-al00b	scope:	lt	version:	10.0.0.162\(c00e156r2p4\)	Trust: 1.0
vendor:	netapp	model:	h300s	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	honor view 20	scope:	lt	version:	10.1.0.214\(c10e5r4p3\)	Trust: 1.0
vendor:	huawei	model:	p20 lite	scope:	lt	version:	9.1.0.200\(c636e4r1p5t8\)	Trust: 1.0
vendor:	netapp	model:	steelstore cloud integrated storage	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	florida-al20b	scope:	lt	version:	9.1.0.128\(c00e112r1p6t8\)	Trust: 1.0
vendor:	huawei	model:	johnson-tl00d	scope:	lt	version:	9.1.0.219\(c01e18r3p2t8\)	Trust: 1.0
vendor:	huawei	model:	columbia-al00a	scope:	lt	version:	8.1.0.186\(c00gt\)	Trust: 1.0
vendor:	huawei	model:	p20 lite	scope:	lt	version:	9.1.0.201\(zafc185e4r1p8t8\)	Trust: 1.0
vendor:	netapp	model:	a320	scope:	eq	version:	-	Trust: 1.0
vendor:	netapp	model:	fas2750	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	bla-tl00b	scope:	lt	version:	10.0.0.170\(c01e170r1p4\)	Trust: 1.0
vendor:	huawei	model:	figo-al00a	scope:	lt	version:	9.1.0.130\(c00e115r2p8t8\)	Trust: 1.0
vendor:	huawei	model:	nova 3e	scope:	lt	version:	9.1.0.200\(c636e4r1p5t8\)	Trust: 1.0
vendor:	huawei	model:	tony-al00b	scope:	lt	version:	10.0.0.175\(c00e59r2p11\)	Trust: 1.0
vendor:	huawei	model:	honor 9i	scope:	lt	version:	9.1.0.130\(c00e112r2p10t8\)	Trust: 1.0
vendor:	huawei	model:	ares-al10d	scope:	lt	version:	9.1.0.165\(c00e165r2p5t8\)	Trust: 1.0
vendor:	netapp	model:	solidfire baseboard management controller	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	leland-l32a	scope:	lt	version:	9.1.0.153\(c675e6r1p4t8\)	Trust: 1.0
vendor:	huawei	model:	leland-tl10c	scope:	lt	version:	9.1.0.130\(c01e112r2p10t8\)	Trust: 1.0
vendor:	huawei	model:	stanford-l09	scope:	lt	version:	9.1.0.211\(c635e2r1p4t8\)	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	8.0	Trust: 1.0
vendor:	huawei	model:	sydney-al00	scope:	lt	version:	9.1.0.212\(c00e62r1p7t8\)	Trust: 1.0
vendor:	huawei	model:	jakarta-al00a	scope:	lt	version:	9.1.0.260\(c00e120r2p2\)	Trust: 1.0
vendor:	netapp	model:	aff baseboard management controller	scope:	eq	version:	-	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	16.04	Trust: 1.0
vendor:	netapp	model:	fas2720	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	y9 2019	scope:	lt	version:	9.1.0.297\(c605e4r1p1t8\)	Trust: 1.0
vendor:	netapp	model:	solidfire	scope:	eq	version:	-	Trust: 1.0
vendor:	netapp	model:	h500s	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	mate rs	scope:	eq	version:	9.1.0.321\(c786e320r1p1t8\)	Trust: 1.0
vendor:	huawei	model:	p20 lite	scope:	lt	version:	9.1.0.200\(c605e4r1p3t8\)	Trust: 1.0
vendor:	huawei	model:	nova 3	scope:	lt	version:	9.1.0.351\(c00e351r1p1t8\)	Trust: 1.0
vendor:	huawei	model:	sydneym-al00	scope:	lt	version:	9.1.0.212\(c00e62r1p7t8\)	Trust: 1.0
vendor:	huawei	model:	cornell-tl10b	scope:	lt	version:	9.1.0.321\(c01e320r1p1t8\)	Trust: 1.0
vendor:	huawei	model:	sydney-tl00	scope:	lt	version:	9.1.0.212\(c01e62r1p7t8\)	Trust: 1.0
vendor:	huawei	model:	florida-l03	scope:	lt	version:	9.1.0.154\(c605e7r1p2t8\)	Trust: 1.0
vendor:	huawei	model:	p20	scope:	lt	version:	9.1.0.312\(c00e312r1p1t8\)	Trust: 1.0
vendor:	huawei	model:	yale-tl00b	scope:	lt	version:	10.1.0.160\(c01e160r8p12\)	Trust: 1.0
vendor:	huawei	model:	p20 lite	scope:	lt	version:	9.1.0.200\(c635e5r1p1t8\)	Trust: 1.0
vendor:	huawei	model:	leland-al10b	scope:	lt	version:	9.1.0.130\(c00e112r2p10t8\)	Trust: 1.0
vendor:	huawei	model:	anne-al00	scope:	lt	version:	9.1.0.126\(c00e126r1p7t8\)	Trust: 1.0
vendor:	huawei	model:	lelandp-al00c	scope:	lt	version:	9.1.0.130\(c00e112r2p10t8\)	Trust: 1.0
vendor:	huawei	model:	lelandp-l22c	scope:	lt	version:	9.1.0.156\(c636e5r1p5t8\)	Trust: 1.0
vendor:	netapp	model:	h410c	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	tony-tl00b	scope:	lt	version:	10.0.0.175\(c01e59r2p11\)	Trust: 1.0
vendor:	netapp	model:	h410s	scope:	eq	version:	-	Trust: 1.0
vendor:	netapp	model:	data availability services	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	bla-al00b	scope:	lt	version:	10.0.0.170\(c786e170r2p4\)	Trust: 1.0
vendor:	netapp	model:	h700s	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	p20 lite	scope:	lt	version:	9.1.0.201\(c636e4r1p5t8\)	Trust: 1.0
vendor:	huawei	model:	leland-l21a	scope:	lt	version:	9.1.0.156\(c185e5r1p5t8\)	Trust: 1.0
vendor:	huawei	model:	alp-tl00b	scope:	lt	version:	10.0.0.162\(c01e156r1p4\)	Trust: 1.0
vendor:	huawei	model:	florida-tl10b	scope:	lt	version:	9.1.0.128\(c01e112r1p6t8\)	Trust: 1.0
vendor:	netapp	model:	cloud backup	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	nova 3e	scope:	lt	version:	9.1.0.201\(c636e4r1p5t8\)	Trust: 1.0
vendor:	netapp	model:	hci management node	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	florida-l22	scope:	lt	version:	9.1.0.150\(c636e6r1p5t8\)	Trust: 1.0
vendor:	huawei	model:	neo-al00d	scope:	lt	version:	9.1.0.321\(c786e320r1p1t8\)	Trust: 1.0
vendor:	netapp	model:	a220	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	nova 3e	scope:	lt	version:	9.1.0.201\(zafc185e4r1p8t8\)	Trust: 1.0
vendor:	huawei	model:	ares-al00b	scope:	lt	version:	9.1.0.165\(c00e165r2p5t8\)	Trust: 1.0
vendor:	google	model:	android	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2019-010672 // NVD: CVE-2019-2215

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-2215
value:	HIGH
Trust: 1.0
NVD:	CVE-2019-2215
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201910-198
value:	HIGH
Trust: 0.6
VULMON:	CVE-2019-2215
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2019-2215
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9

nvd@nist.gov:	CVE-2019-2215
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2019-2215
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULMON: CVE-2019-2215 // JVNDB: JVNDB-2019-010672 // CNNVD: CNNVD-201910-198 // NVD: CVE-2019-2215

PROBLEMTYPE DATA

problemtype:

CWE-416

Trust: 1.8

sources: JVNDB: JVNDB-2019-010672 // NVD: CVE-2019-2215

THREAT TYPE

local

Trust: 0.7

sources: PACKETSTORM: 155309 // CNNVD: CNNVD-201910-198

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201910-198

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-010672

EXPLOIT AVAILABILITY

sources: VULMON: CVE-2019-2215

PATCH

title:	Android Security Bulletin-October 2019	url:	https://source.android.com/security/bulletin/2019-10-01	Trust: 0.8
title:	Android Remediation of resource management error vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=113604	Trust: 0.6
title:	Ubuntu Security Notice: linux, linux-aws, linux-kvm vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-4186-1	Trust: 0.1
title:	Huawei Security Advisories: Security Advisory - Use-after-free Vulnerability in Android Kernel	url:	https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories&qid=1133478f2f2ad2f8395bfcd7f09871d7	Trust: 0.1
title:	Ubuntu Security Notice: linux vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-4186-3	Trust: 0.1
title:	cve-2019-2215	url:	https://github.com/kangtastic/cve-2019-2215	Trust: 0.1
title:	CVE-2019-2215	url:	https://github.com/timwr/CVE-2019-2215	Trust: 0.1
title:	qu1ckr00t	url:	https://github.com/grant-h/qu1ckr00t	Trust: 0.1
title:	CVE-2019-2215	url:	https://github.com/soryecker/CVE-2019-2215	Trust: 0.1
title:	CVE-2019-2215	url:	https://github.com/marcinguy/CVE-2019-2215	Trust: 0.1
title:	CVE-2019-2215	url:	https://github.com/mufidmb38/CVE-2019-2215	Trust: 0.1
title:	Umass-CS-590J-Capstone-Project	url:	https://github.com/aguerriero1998/Umass-CS-590J-Capstone-Project	Trust: 0.1
title:	AndroidKernelVulnerability	url:	https://github.com/sharif-dev/AndroidKernelVulnerability	Trust: 0.1
title:	cve-2019-2215	url:	https://github.com/DimitriFourny/cve-2019-2215	Trust: 0.1
title:	android-kernel-exploitation-ashfaq-CVE-2019-2215	url:	https://github.com/c0n71nu3/android-kernel-exploitation-ashfaq-CVE-2019-2215	Trust: 0.1
title:	awesome-netsec-articles	url:	https://github.com/pengusec/awesome-netsec-articles	Trust: 0.1
title:	panopticon-Sidewinder	url:	https://github.com/Panopticon-Project/panopticon-Sidewinder	Trust: 0.1
title:	CVE-2019-2215	url:	https://github.com/c3r34lk1ll3r/CVE-2019-2215	Trust: 0.1
title:	android_device_sharp_sh8996	url:	https://github.com/saga0324/android_device_sharp_sh8996	Trust: 0.1
title:	CVE-2019-2215	url:	https://github.com/addhaloka/CVE-2019-2215	Trust: 0.1
title:	Vulnerability-engine	url:	https://github.com/tdcoming/Vulnerability-engine	Trust: 0.1
title:	poc-exp	url:	https://github.com/msr00t/poc-exp	Trust: 0.1
title:	poc--exp	url:	https://github.com/HacTF/poc--exp	Trust: 0.1
title:	linux-kernel-exploitation	url:	https://github.com/vahalen/linux-kernel-exploitation	Trust: 0.1
title:	linux-kernel-exploitation	url:	https://github.com/TamilHackz/linux-kernel-exploitation	Trust: 0.1
title:	android-security	url:	https://github.com/alphaSeclab/android-security	Trust: 0.1
title:	sec-daily-2019	url:	https://github.com/alphaSeclab/sec-daily-2019	Trust: 0.1
title:	PoC-in-GitHub	url:	https://github.com/developer3000S/PoC-in-GitHub	Trust: 0.1
title:	PoC-in-GitHub	url:	https://github.com/hectorgie/PoC-in-GitHub	Trust: 0.1
title:	CVE-POC	url:	https://github.com/0xT11/CVE-POC	Trust: 0.1
title:	PoC-in-GitHub	url:	https://github.com/nomi-sec/PoC-in-GitHub	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/android-bugs-exploited-wild/166347/	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/sidewinder-apt-nepal-afghanistan-spy-campaign/162086/	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/brisk-private-trade-zero-days/154502/	Trust: 0.1
title:	The Register	url:	https://www.theregister.co.uk/2020/01/07/nasty_google_play_apps/	Trust: 0.1
title:	The Register	url:	https://www.theregister.co.uk/2019/11/23/security_roundup_nov22/	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/google-october-android-security-update/148964/	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/google-warns-of-zero-day/148924/	Trust: 0.1

sources: VULMON: CVE-2019-2215 // JVNDB: JVNDB-2019-010672 // CNNVD: CNNVD-201910-198

EXTERNAL IDS

db:	NVD	id:	CVE-2019-2215	Trust: 2.8
db:	PACKETSTORM	id:	154911	Trust: 1.7
db:	PACKETSTORM	id:	156495	Trust: 1.7
db:	PACKETSTORM	id:	155212	Trust: 1.2
db:	JVNDB	id:	JVNDB-2019-010672	Trust: 0.8
db:	EXPLOIT-DB	id:	47463	Trust: 0.7
db:	PACKETSTORM	id:	155309	Trust: 0.7
db:	PACKETSTORM	id:	155335	Trust: 0.7
db:	PACKETSTORM	id:	154730	Trust: 0.6
db:	EXPLOIT-DB	id:	48129	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.4271	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.0200	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.0766	Trust: 0.6
db:	CNNVD	id:	CNNVD-201910-198	Trust: 0.6
db:	VULMON	id:	CVE-2019-2215	Trust: 0.1

sources: VULMON: CVE-2019-2215 // JVNDB: JVNDB-2019-010672 // PACKETSTORM: 155309 // PACKETSTORM: 155212 // PACKETSTORM: 155335 // CNNVD: CNNVD-201910-198 // NVD: CVE-2019-2215

REFERENCES

url:	https://usn.ubuntu.com/4186-1/	Trust: 1.8
url:	https://source.android.com/security/bulletin/2019-10-01	Trust: 1.7
url:	http://seclists.org/fulldisclosure/2019/oct/38	Trust: 1.7
url:	http://packetstormsecurity.com/files/154911/android-binder-use-after-free.html	Trust: 1.7
url:	https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html	Trust: 1.7
url:	http://packetstormsecurity.com/files/156495/android-binder-use-after-free.html	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2019-2215	Trust: 1.7
url:	https://security.netapp.com/advisory/ntap-20191031-0005/	Trust: 1.1
url:	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-en	Trust: 1.1
url:	https://seclists.org/bugtraq/2019/nov/11	Trust: 1.1
url:	http://packetstormsecurity.com/files/155212/slackware-security-advisory-slackware-14.2-kernel-updates.html	Trust: 1.1
url:	https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html	Trust: 1.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-2215	Trust: 0.9
url:	https://www.exploit-db.com/exploits/47463	Trust: 0.7
url:	https://usn.ubuntu.com/4186-3/	Trust: 0.7
url:	https://usn.ubuntu.com/4186-2/	Trust: 0.6
url:	https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-october-2019-30549	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.0766/	Trust: 0.6
url:	https://packetstormsecurity.com/files/155309/ubuntu-security-notice-usn-4186-1.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.4271/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.0200/	Trust: 0.6
url:	https://mp.weixin.qq.com/s/kjw0wkuh7gg6k5ago_6poq	Trust: 0.6
url:	https://www.exploit-db.com/exploits/48129	Trust: 0.6
url:	https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20191030-01-binder-cn	Trust: 0.6
url:	https://packetstormsecurity.com/files/155335/ubuntu-security-notice-usn-4186-3.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/154730/android-binder-driver-use-after-free.html	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2019-17053	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2019-16746	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2019-17054	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2019-17055	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2019-15098	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2019-17056	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2019-17052	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2019-0154	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-0155	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2018-12207	Trust: 0.2
url:	https://usn.ubuntu.com/4186-1	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-11135	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-17666	Trust: 0.2
url:	https://cwe.mitre.org/data/definitions/416.html	Trust: 0.1
url:	https://github.com/kangtastic/cve-2019-2215	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/110334	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-kvm/4.4.0-1062.69	Trust: 0.1
url:	https://wiki.ubuntu.com/securityteam/knowledgebase/taa_mcepsc_i915	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux/4.4.0-168.197	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1098.109	Trust: 0.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14835	Trust: 0.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17054	Trust: 0.1
url:	http://slackware.com	Trust: 0.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17075	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-15118	Trust: 0.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17053	Trust: 0.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-10906	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-10906	Trust: 0.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-20976	Trust: 0.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17052	Trust: 0.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-15117	Trust: 0.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17133	Trust: 0.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14816	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-15505	Trust: 0.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-15098	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-14821	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-14835	Trust: 0.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-16746	Trust: 0.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-15118	Trust: 0.1
url:	http://slackware.com/gpg-key	Trust: 0.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-10905	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-10905	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-14816	Trust: 0.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-3900	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-15117	Trust: 0.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17056	Trust: 0.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14821	Trust: 0.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10638	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-17075	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-3900	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-10638	Trust: 0.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17055	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-20976	Trust: 0.1
url:	http://osuosl.org)	Trust: 0.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14814	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-17133	Trust: 0.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-15505	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-14814	Trust: 0.1
url:	https://bugs.launchpad.net/bugs/1852141	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux/4.4.0-169.198	Trust: 0.1
url:	https://usn.ubuntu.com/4186-3	Trust: 0.1

CREDITS

Ubuntu

Trust: 0.2

sources: PACKETSTORM: 155309 // PACKETSTORM: 155335

SOURCES

db:	VULMON	id:	CVE-2019-2215
db:	JVNDB	id:	JVNDB-2019-010672
db:	PACKETSTORM	id:	155309
db:	PACKETSTORM	id:	155212
db:	PACKETSTORM	id:	155335
db:	CNNVD	id:	CNNVD-201910-198
db:	NVD	id:	CVE-2019-2215

LAST UPDATE DATE

2024-08-14T12:32:15.225000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2019-2215	date:	2019-10-18T00:00:00
db:	JVNDB	id:	JVNDB-2019-010672	date:	2019-10-21T00:00:00
db:	CNNVD	id:	CNNVD-201910-198	date:	2020-04-09T00:00:00
db:	NVD	id:	CVE-2019-2215	date:	2024-07-25T14:10:44.723

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2019-2215	date:	2019-10-11T00:00:00
db:	JVNDB	id:	JVNDB-2019-010672	date:	2019-10-21T00:00:00
db:	PACKETSTORM	id:	155309	date:	2019-11-13T17:16:22
db:	PACKETSTORM	id:	155212	date:	2019-11-08T15:37:19
db:	PACKETSTORM	id:	155335	date:	2019-11-14T15:56:10
db:	CNNVD	id:	CNNVD-201910-198	date:	2019-10-04T00:00:00
db:	NVD	id:	CVE-2019-2215	date:	2019-10-11T19:15:10.947